Perl up to 5.24.2/5.26.0 win32/perlhost.h CPerlHost::Add Environment Variable memory corruption
A vulnerability was found in Perl up to 5.24.2/5.26.0 (Programming Language Software). It has been rated as critical. Affected by this issue is the function
CPerlHost::Add of the file win32/perlhost.h. Upgrading to version 5.24.3-RC1 or 5.26.1-RC1 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at perl5.git.perl.org. The best possible mitigation is suggested to be patching the affected component. A possible mitigation has been published before and not just after the disclosure of the vulnerability.
Do you know our Splunk app?
Download it now for free!